The AWS Cryptography team has announced the AWS Encryption SDK. This new SDK makes encryption easier for developers while minimizing errors that could lower the security of their applications. Developers using encryption often face two problems: a. how to correctly generate and use a key to encrypt data, and b. how to protect the key after it’s been used. The library provided in the AWS Encryption SDK addresses the first problem by transparently implementing the low-level details using the cryptographic provider available in a developer’s environment. The library addresses the second problem by providing intuitive interfaces to let developers choose how they want to protect their encryption keys after use. By using the AWS Encryption SDK, developers can focus on the core of the application they’re building instead of the complexities of encryption. We’ve provided ready-to-use samples in the SDK for AWS customers who use AWS CloudHSM or AWS Key Management Service, however the open source SDK can be extended to support other key providers.